GENERAL SUMMARY: Delphinus Engineering, Inc. has a full-time opening (hire contingent upon award of contract) for a qualified cyber security professional to support the US Navy. Candidate will be responsible for the development and implementation of cyber security technologies into current and next generation ship systems throughout the fleet. The candidate will assist the customer in requirements development and decomposition, documentation, installation of software, patches, policies, and other fixes on hardware representative of the shipboard configuration. This position will ensure that the Operating System (Windows or Linux) and related software (e.g. Database Management System, Web/Application Server, etc) have been properly configured to support the deployment of the systems while meeting near real-time performance and emerging cyber security requirements.
LOCATION: Bethesda, MD
SPECIFIC DUTIES & RESPONSIBILITIES:
- Support the integration and test of cyber security technologies into existing USN systems.
- Manage existing documentation such as user manuals, installation guides, and testing procedures. Create new documentation as required. Support A&A analysts with creation of security artifacts to support RMF process including PIT.
- Install and configure the systems to facilitate testing in the shipboard environment
- Monitor system performance and ensure that security features and functional requirements meet the performance needs of the system by performing routine vulnerability analysis using ACAS/Nessus, SCAP compliance checker, DISA STIGs, NIST SPs, and vendor guidance when required.
- Verify with engineers that the system meets the needs of the USN while adhering to cyber security controls
PRINCIPAL DUTIES & RESPONSIBILITIES:
- Conduct routine vulnerability assessments of lab and shipboard systems using NESSUS/ACAS, STIGs, and SCAP. Provide compliance reporting to VRAM.
- Install and test patches and other fixes in a shipboard environment to ensure no degradation in performance or functionality
- Develop delivery procedures and techniques to ensure systems are deployed in a secure manner to the fleet
- Develop DISA STIG checklists, integration and test of security patches/features, and develop security CONOPS for all system software.
- Participate in the Information Assurance Vulnerability Management process for all Energy related software.
- Maintains current knowledge of relevant technology and coding practices
- Travel expected (~25%)
- Performs day-to-day interface activities with program management, other developers, SAs, installation team, and users involving issues and concerns regarding cybersecurity for both lab and fleet systems.
- 3-5 years in Cyber Security position
- In depth knowledge of and working experience with ACAS/NESSUS, DISA STIGs, SCAP, HBSS/McAfee, PKI
- Experience with Linux and Windows Operating systems
- Experience in TCP/IP networking and design (especially regarding FW/IDS deployment)
- Familiar with current DoD C&A/A&A process – DIACAP, RMF, PIT
- Proficient in Microsoft Office Products
- Excellent oral and written communication skills
- BS in Computer Science, Computer Engineering, Electrical Engineering, or equivalent
- Security+ MINIMUM required, CISSP preferred
- MSCITP for Windows 7/10 or Server OR Linux + required
- Active Secret clearance (or inactive <18 months) REQUIRED